In the world of cryptocurrencies and blockchain technology there are many known attacks and vulnerabilities, and one of them is the Sybil attack. A Sybil Attack occurs when a system is compromised by an entity that controls two or more different identities in a network. That is, when one person controls two or more points that are supposed to belong to different people or identities.
The name Sybil Attack comes from the book "Sybil", a work by the well-known writer Flora Rheta Schreiber. The book deals with Sybil Dorsett, a young woman who suffers from dissociative identity disorder (DID), a psychological disorder that leads a person to create several different identities of themselves.
It is precisely this situation that occurs in this type of computer attack on a distributed network. Only instead of a person, in this case we speak of nodes that seem to act independently but are under the control of the same person. However, it was not until 2002 that Brian Zill, a well-known computer scientist working for Microsoft, suggested the name for a work by John R. Douceur. Douceur, another Microsoft researcher, described these types of attacks as part of his research work.
In this sense, we can summarize that a Sybil Attack is nothing more than an attack in which a person tries to take control of the network by creating multiple accounts, nodes or computers, all of which belong to them. All the while, each of these points is presented as a different identity to avoid raising suspicion.
But how can this type of attack affect blockchain technology and cryptocurrencies? What measures are taken to avoid it? We will see all this and much more below.
Impact of a Sybil Attack on a blockchain network
The impact of a Sybil Attack on a blockchain network is primarily focused on gaining undue influence over the decisions made on the network. To do this, the attacker creates and controls many pseudonyms that allow him to put this influence into practice. As a result, the malicious actor achieves disproportionate control over network decisions.
Let's take an example to see this more easily. In networks like Bitcoin, many of the decisions that affect its operation are put to a vote. Voting allows miners and those who maintain network nodes to cast a vote for or against a proposal. Now, if a malicious actor took over several identities on the network, he could vote as many times as there are identities under his control, a situation that is contrary to everything that is desirable and that would put the rest of the participants at a disadvantage.
But not only that, a Sybil attack can also control the flow of information on the network. For example, a Sybil attack on Bitcoin can be used to obtain information about the IP addresses of the users who connect to the network. This is a situation that puts the security, privacy and anonymity of network users at risk. It sounds impossible, but a Sybil attack on Bitcoin is capable of making this happen. The only thing the attacker would need is control of several nodes in the network, from which to collect data and analyze it to obtain all this information.
The situation reaches its peak if the attacker, in addition to obtaining this information, implements active censorship, which would prevent users from making legitimate use of the network whenever they want.
How is a Sybil Attack Performed?
In principle we believe that technology has allowed us to have a safer world. To some extent this is true, but technology is not perfect and there are vectors for compromising all kinds of systems. In this sense, we can say that absolute security does not exist, and the Sybil Attack is a good example of this.
For example, peer-to-peer (P2P) systems base their operation on a decentralized and distributed network, one in which each node is managed by different identities scattered around the world. This makes their networks complex to attack and compromise in their entirety. This level of resistance is perfect for critical systems and is the reason why blockchain and cryptocurrencies use it. After all, they are secure, stable, scalable, censorship resistant, and highly available.
However, what if the enemy poses as a friend and multiplies itself in the network using false identities? This is precisely a Sybil Attack, and the first to describe it was John R. Douceur.
Douceur's idea is simple and can be summarized as follows:
A P2P system can be compromised if a large part of its nodes (which are supposed to be secure and belong to different people) are actually controlled by the same person, who remains in the shadows.
Depending on the P2P system, this can mean large investments, as in Bitcoin, where mining hardware must be purchased in order to affect the network. In other systems, the expense could be practically nil, for example those where decisions are made by a vote of those who are part of the network. In these cases, the attacker could create thousands of fake accounts controlled by the same individual and influence network decisions.
In all cases, the vehicles or forms of attack vary depending on the network and its operating structure.
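The difference between the two cases described above (votes counted per identity versus influence tied to a costly resource such as mining hardware) can be shown with a small model. This is an added example, not part of the original article; the node counts, resource units and function names are constructed for illustration.

```python
from collections import Counter

def tally(nodes, weight):
    """Add up weight(node) per vote and return (winner, totals)."""
    totals = Counter()
    for node in nodes:
        totals[node["vote"]] += weight(node)
    return totals.most_common(1)[0][0], dict(totals)

def share_by_owner(nodes, weight):
    """Fraction of total voting weight held by each real-world owner."""
    sums = Counter()
    for node in nodes:
        sums[node["owner"]] += weight(node)
    total = sum(sums.values())
    return {owner: s / total for owner, s in sums.items()}

def per_identity(node):
    """One identity, one vote: creating identities creates influence."""
    return 1

def per_resource(node):
    """Influence tied to a costly resource (e.g. hash power)."""
    return node["resource"]

# Constructed population: 10 independent operators with 10 resource units each,
# and one attacker who spreads 5 units across 40 fabricated identities.
HONEST = [{"id": f"honest-{i}", "owner": f"op-{i}", "resource": 10, "vote": "reject"}
          for i in range(10)]
SYBILS = [{"id": f"sybil-{i}", "owner": "attacker", "resource": 5 / 40, "vote": "accept"}
          for i in range(40)]
NODES = HONEST + SYBILS

if __name__ == "__main__":
    for name, weight in (("per identity", per_identity), ("per resource", per_resource)):
        winner, totals = tally(NODES, weight)
        attacker = share_by_owner(NODES, weight)["attacker"]
        print(f"{name}: winner={winner} totals={totals} attacker share={attacker:.1%}")
```

Splitting the same resource over more identities leaves the attacker's share unchanged under resource weighting, which is why the cost of the attack depends on how the network assigns influence.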
Example of a Sybil Attack
An example of a Sybil Attack can be seen in the compromise of the Tor network. This network works on a P2P model in which its nodes guarantee that you can browse the Internet anonymously. However, it is possible that a malicious or surveillance entity (such as the NSA) could pass off tens, hundreds or thousands of nodes as trustworthy, completely undermining its security. This is because the entry and exit nodes would be controlled by the NSA, which could in this way monitor the network traffic of everyone who uses these compromised nodes.
This example of an attack is more practical than theoretical. In fact, in 2014 the Tor network was the victim of such an attack.
Are blockchain networks susceptible to a Sybil Attack?
Yes, blockchain networks are susceptible to this type of attack. But each network is unique in this regard, because each blockchain takes its own security measures to protect itself from this type of vulnerability. Remember that Sybil attacks are well known, and developers take measures to protect the network and its users against them.
One of the most important measures at this point is the chain of trust. In Bitcoin, for example, the blockchain and its history are distributed among all its nodes. They all hold the same ledger, and if just one of them tries to change it, the change is simply rejected. Thus, when a node begins to synchronize with the network, it takes data from various sources. It collates the information from all of them, and if any node tries to change any data in any way, that data is simply rejected and an attempt is made to take the data from another reliable node.
This method protects Bitcoin from this type of attack, making it very difficult to carry out and exposing the malicious nodes. In fact, in 2015 such an event took place in Bitcoin. Back then, the company Chainalysis was aggressively seeking to obtain information from all nodes. The attempt was detected by the community and later analyzed by Gregory Maxwell, a major Bitcoin developer.
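The synchronization check described above can be sketched as a toy hash-chained ledger in which a node validates what each peer serves instead of counting how many peers agree. This is an added example, not Bitcoin's code or part of the original article; the block layout, the two-hex-digit proof-of-work target and all names are simplifying assumptions.

```python
import hashlib
import json

TARGET_PREFIX = "00"  # toy proof-of-work target (assumption, far below real difficulty)

def block_hash(block):
    return hashlib.sha256(json.dumps(block, sort_keys=True).encode()).hexdigest()

def mine(prev, data):
    """Find a nonce so that the block hash meets the toy target."""
    nonce = 0
    while True:
        block = {"prev": prev, "data": data, "nonce": nonce}
        if block_hash(block).startswith(TARGET_PREFIX):
            return block
        nonce += 1

def build_chain(entries):
    chain, prev = [], "0" * 64
    for entry in entries:
        chain.append(mine(prev, entry))
        prev = block_hash(chain[-1])
    return chain

def valid_chain(chain, genesis_hash):
    """Check the known genesis block, the work on each block and each prev link."""
    if not chain or block_hash(chain[0]) != genesis_hash:
        return False
    prev = "0" * 64
    for block in chain:
        if block["prev"] != prev or not block_hash(block).startswith(TARGET_PREFIX):
            return False
        prev = block_hash(block)
    return True

def sync(peers, genesis_hash):
    """Return (longest valid chain, names of peers whose data was rejected)."""
    best, rejected = None, []
    for name, chain in peers.items():
        if not valid_chain(chain, genesis_hash):
            rejected.append(name)
        elif best is None or len(chain) > len(best):
            best = chain
    return best, rejected

# Constructed scenario: one honest peer and five Sybil peers serving an altered ledger.
HONEST = build_chain(["genesis", "alice->bob 1", "bob->carol 2"])
TAMPERED = [dict(b) for b in HONEST]
TAMPERED[1]["data"] = "alice->mallory 1"  # altered entry; the next block's link breaks
PEERS = {"honest-0": HONEST, **{f"sybil-{i}": TAMPERED for i in range(5)}}
GENESIS_HASH = block_hash(HONEST[0])
```

Calling `sync(PEERS, GENESIS_HASH)` returns the honest chain and lists all five Sybil peers as rejected: because every block is validated locally, a single honest source is enough and the number of identities serving altered data does not matter.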
Networks like Ethereum, Bitcoin Cash, Dash and even GRIN are also susceptible to this type of attack, each of them, of course, with its own particularities.